A friend of mine has been receiving letters from his ISP saying he had been going over his usage blah blah, but he cannot see how he has as he works mostly into late evening and only lightly browses the internet in the night.

I took a look this evening and found he was using his wireless connection for his laptop and everything was dog slow for a broadband line. It would have been slow for dial up standards. I notice the ADSL status light on his Netgear flickering away like a madman, so I think "hello?!?" and dive into the router.

Even though he had WEP set up, there appeared to be a local leech who had sniffed his key and was using his connection to download things.:angry:

I've just spent the latter part of the evening removing keyloggers and setting him up on WPA. As his wireless card is from the ark, we needed a trip to PC world to buy a new network card.

I was gutted as this is the first time I have ever seen this, I now realise maybe I should have left everything the way it was and called the police, but alas, alarm bells ringing and hunger made me do some rash decision making and previous experience of the local plod made me nervous.

The moral is, check you aren't on WEP, use WPA as a minimum and if like me you have a decent router, set up internal RADIUS authentication for wireless clients and keep an eye on suspicious things.

Also, deny all MAC addresses apart from yours.

cables all over the house FTW :D

no1 can hack my CAT5 :D

WPA is still hackable. Sure it'll generally take a lot longer than hacking WEP, but its perfectly feasible. Wireless is insecure, full stop.

If you want to try it for yourself the tools you'll need are right here:
http://www.grape-info.com/doc/linux/config/aircrack-ng-0.6.html

They are *nix based, but you could run them within a cygwin session on a Windows box, and there are almost certainly going to be Windows variants out there somewhere.

Your router should have a screen to show you.

A lot of routers have an option to display who is connected - I know mine does, but I can't tell you where. Have a plonk around the front end in a browser and see if it's there somewhere. What router do you have?

In your router management there should be a page which shows all connected deviced. For me there are usually 3 - my 2 pc's and my Xbox 360. If I ever saw more than that I'd be checking it out to find out who it is.

3 responses in as many minutes... anyone spot a bunch of bored geeks around here?

WEP / WPA doesnt really matter, if they want in bad then they can get in. MAC address filtering helps a little as does not being DHCP'd but these are all easy to get round as with a little packet sniffing and spoofing you'd be in.

Aye, the best you can do is keep out the opportunists, if somebody really wants to get in they can do. There are other ways beyond encryption and access control to 'secure' wireless access, but they're technologies not directly related to wireless, and require infrastructure.

:thumbup:

I don't have extreme protection on mine, in fact I think I disabled WEP/WPA - and simply decided not to broadcast the network name. When I set encryption, one of my PCs couldn't connect to the network any more...

and simply decided not to broadcast the network name.
An utterly meaningless option KK, it inconveniences yourself for no security gain what so ever.

I have WPA (do have WPA 2 but 360 won't work with it)

Bind IP to MAC

And have it set to strict bind along with a wireless security option (add mac to station list and only allow access to then).

Obviously is someone wants in they can...but hopefully it'll stop 99.9% of would be hackers.

An utterly meaningless option KK, it inconveniences yourself for no security gain what so ever.Would it be correct for me to assume that if someone were to gain access to my wireless network, they could do so without my knowledge?

Or will the 'intruder' always appear in the wireless connections list of the router?

Short answer yes, long answer depends on the router. It the majority of cases yes, any wireless clients will be reported by your router.

And yes to the first one, anybody could be using your network at the moment, as you lack the basic deterrents of encryption and/or access control by MAC address.

Took me bloody ages to setup WPA. It kept booting my out but eventually managed to get it.

Still not 100% convinced it was the dodgy housemate who got caught uploading a file the MPAA was tracking at 6am but at least it's hopefully stopped him being a plonker.

Even if he has used 25% of our network allowance in 4 days.

When I get my own place I'm definitely going back to wired.

I've gone off wireless. Wires FTW.

I've cracked a few APs in the past when in hotels and so on - just leave the laptop on for a bit, get enough packets, crack the key, sniff the network for extra info (IP addresses etc...) and bob's you're uncle really (this is using Linux and some crafty tools you can get from it's packages) but you can do it in windows too you just have to download the right software. You only need a certain amount of data to be able to retrieve the key. WPA is only marginally safer really. As Jarp says, WiFi is insecure end-of.